Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uXq-GQMBG3ERRD03Dp4KwdM2x2Q.roa
File: uXq-GQMBG3ERRD03Dp4KwdM2x2Q.roa (raw, json)
Hash identifier: Z4jfyvvvWRIC18d3+WtzY+zx2bdaJ00NJLHFmVap5Wo=
Subject key identifier: B9:7A:BE:19:03:01:1B:71:11:44:3D:37:0E:9E:0A:C1:D3:36:C7:64
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191A4B43342169C144ECC9E2BE14643CB12
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uXq-GQMBG3ERRD03Dp4KwdM2x2Q.roa
Signing time: Fri 30 Aug 2024 19:12:38 +0000
ROA not before: Fri 30 Aug 2024 19:12:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 30 Aug 2024 20:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a4:b4:33:42:16:9c:14:4e:cc:9e:2b:e1:46:43:cb:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 30 19:12:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b97abe1903011b7111443d370e9e0ac1d336c764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4d:50:a8:d1:e9:5c:e2:11:0b:46:6f:fa:28:
f5:0f:ea:78:d7:95:9f:4c:93:ff:c3:85:c4:99:3a:
47:e4:36:4d:93:11:aa:87:c2:c7:89:94:06:6c:b0:
90:ef:03:46:33:77:ec:0d:83:dd:f2:ba:e4:e5:50:
7d:3d:77:e3:3b:65:d3:49:ae:54:ac:72:35:44:6b:
49:99:3d:45:27:ed:32:f2:3d:b3:a7:40:94:f8:74:
61:43:cb:62:60:d9:18:20:70:5f:9c:0e:af:5b:b0:
0f:e1:c6:ce:42:10:46:30:37:c3:97:f8:15:6c:6e:
17:a2:55:de:10:52:77:00:0c:0a:e0:ef:db:33:1f:
16:b2:27:1f:e7:e7:fc:69:a0:64:fa:84:60:26:46:
11:3e:06:ce:09:18:3e:ab:74:81:68:29:ef:57:44:
4f:2a:9f:b0:0a:49:3f:6a:a3:07:60:b5:89:80:38:
75:9e:d9:9b:b1:87:c9:a3:21:73:34:db:13:b1:18:
5f:e5:6b:78:6a:6d:cc:0d:af:25:33:15:c1:fb:9d:
47:a3:bf:8e:0f:b3:9b:bc:95:04:e9:1a:01:dc:ea:
61:f9:48:d4:ff:b5:78:4f:c7:e1:0d:28:fb:64:f9:
20:24:25:12:53:e6:a9:8b:b0:6a:44:1b:84:0d:c9:
b2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7A:BE:19:03:01:1B:71:11:44:3D:37:0E:9E:0A:C1:D3:36:C7:64
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uXq-GQMBG3ERRD03Dp4KwdM2x2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
0d:c7:16:da:1f:ac:8d:be:73:77:90:bd:d7:0b:fc:d0:7b:f0:
b5:dd:d1:41:ab:44:01:44:07:91:f7:06:e4:25:a3:85:7a:0f:
6f:80:eb:5f:9b:f4:42:a2:8f:4c:6d:83:99:da:a6:b1:42:9a:
d9:0c:fa:24:3c:a6:05:2a:66:c4:ae:6a:4b:4a:9c:8d:2b:30:
fe:b4:12:52:d2:2e:fe:0c:3c:a8:16:86:ce:48:11:50:07:27:
6b:8e:47:16:4e:98:a6:ee:4d:59:0f:a8:fb:c3:27:15:b7:a8:
03:6b:b5:5d:ef:f7:83:71:41:65:ae:09:29:a4:c2:cc:ea:62:
92:6d:07:8e:85:0e:65:f5:d9:fc:d4:f2:af:b4:b7:5e:7e:d0:
fe:8d:cf:6c:00:69:33:8e:1b:9b:00:5d:db:38:64:33:fa:8f:
21:61:55:dd:5f:3b:79:fd:3e:8f:5a:71:dd:2c:46:1b:46:d5:
d3:e0:34:8b:ff:92:5d:33:23:7c:a0:a0:3a:77:65:6c:a5:b9:
25:7f:db:93:bf:0e:38:8e:8f:86:55:6b:21:fa:7a:91:00:c7:
2c:96:42:12:d5:df:c1:8f:68:f4:69:67:6d:7e:45:f2:a5:f8:
ac:17:41:2e:0e:dc:f2:60:11:cf:9c:ed:57:49:29:db:ab:90:
1a:51:a0:6c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZGktDNCFpwUTsyeK+FGQ8sSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODMwMTkxMjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTdhYmUxOTAzMDExYjcxMTE0NDNkMzcwZTllMGFjMWQzMzZjNzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyE1QqNHpXOIRC0Zv+ij1D+p415Wf
TJP/w4XEmTpH5DZNkxGqh8LHiZQGbLCQ7wNGM3fsDYPd8rrk5VB9PXfjO2XTSa5U
rHI1RGtJmT1FJ+0y8j2zp0CU+HRhQ8tiYNkYIHBfnA6vW7AP4cbOQhBGMDfDl/gV
bG4XolXeEFJ3AAwK4O/bMx8Wsicf5+f8aaBk+oRgJkYRPgbOCRg+q3SBaCnvV0RP
Kp+wCkk/aqMHYLWJgDh1ntmbsYfJoyFzNNsTsRhf5Wt4am3MDa8lMxXB+51Ho7+O
D7ObvJUE6RoB3Oph+UjU/7V4T8fhDSj7ZPkgJCUSU+api7BqRBuEDcmyCQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLl6vhkDARtxEUQ9Nw6eCsHTNsdkMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdVhxLUdRTUJHM0VSUkQwM0RwNEt3ZE0yeDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEADccW2h+sjb5zd5C91wv80Hvw
td3RQatEAUQHkfcG5CWjhXoPb4DrX5v0QqKPTG2DmdqmsUKa2Qz6JDymBSpmxK5q
S0qcjSsw/rQSUtIu/gw8qBaGzkgRUAcna45HFk6Ypu5NWQ+o+8MnFbeoA2u1Xe/3
g3FBZa4JKaTCzOpikm0HjoUOZfXZ/NTyr7S3Xn7Q/o3PbABpM44bmwBd2zhkM/qP
IWFV3V87ef0+j1px3SxGG0bV0+A0i/+SXTMjfKCgOndlbKW5JX/bk78OOI6PhlVr
Ifp6kQDHLJZCEtXfwY9o9GlnbX5F8qX4rBdBLg7c8mARz5ztV0kp26uQGlGgbA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:44:51 2025 by rpki-client